The Electronic Vaulting software transports data through a 256-bit SSL (Secure Socket Layer) channel. This is the same level of encryption that is used to process credit cards securely over the internet. Your data is treated with the same care and security as your on-line credit card purchases.
The data is encrypted before it hits the internet
Prior to your data even reaching the internet (through the 256-bit SSL channel described above), all of your files are compressed and encrypted with an encryption key of your company's choosing. The files are transported and stored in this encrypted state, ensuring that even if the files were physically obtained or downloaded off of your computer, they would simply be gibberish. Even if a thief hacked your network and gained access to your vaulted data, they would not be able to read it or use it.
The encryption algorithm is top notch
Circadian Force is proud to offer three encryption algorithms to suit the various needs of organizations:
The AES algorithm has been approved for use by U.S. Government organizations to protect sensitive, unclassified information. The Secretary of Commerce approved the adoption of the AES as an official Government standard effective May 26th, 2002.
The other Encryption algorithms were AES finalists chosen by the National Institute of Standard and Technology (NIST). They remain available as alternate algorithms for those that prefer their block ciphers over the AES algorithm.
It would take nearly 150 trillion years to crack the 128-bit algorithm
A 128-bit key size has around 3.4 x 1038 possible combinations.
Assuming that a person could build a machine that could recover a DES key in one second, then it would take that machine approximately 149 thousand-billion (149 trillion) years to crack a 128-bit AES key. To put that into perspective, the Universe is believed to be less than 20 billion years old.
When we talk about the security of your data, we mean business.
Our staff does not have access to your encryption key
The encryption key used to encrypt your files is known only to your company. It is never transmitted over the network and our staff will not have access to this key. Even though the files are stored off-site in one of our Data centers, no one will be able to read or view content of the files, even with direct access to the server itself.
Data Center Security
Even our physical security is top-notch. Access to our Data center(s) is controlled through finger print recognition equipment and/or Iris recognition software. Only approved employees are allowed to access the Data center where your server resides.
Restorations that require written permission and signatures
If you are concerned about confidential company data being restored by malicious parties within your organization, you can choose to allow the restoration of data only after a written request with an authorized signature has been submitted to Circadian Force. This way, no one will be able to restore files using the DataForce Management Console without executive approval, even if they have access to the encryption key. Using this scenario, data can only be restored when a top-level executive has declared a state of disaster within the company.
Restrict access to data by IP addresses
You can also restrict access to your backup files from a set of IP addresses specific to your organization. If someone tries to access your data from an IP address outside your organization, their access will be denied. This optional layer of security ensures only employees within the company can perform restorations, even if the correct username and password credentials are supplied.